Brute force wp-login actions
-
Hi,
Recently we were the subject of a brute force attack on our wp-login page. We have the hide backend enabled but it doesn’t work the way I would expect.
We have re-write code in the htaccess file but it does not redirect to /not_found.
If you load wp-login is sends you to the 404 page but if you look for wp-login.php it take you straight to the login page.
The result is that the brute force attack came straight through. Below is a segment from our log file showing the attack line coming through and a 500 error.
POST /wp-login.php HTTP/1.0 500 3069
Any ideas on what is happening here?
- The topic ‘Brute force wp-login actions’ is closed to new replies.
